Wireshark · Wireshark-users: Re: [Wireshark-users] MMS decoding problem

[Salman Malik <salmanmk@xxxxxxxx>]

Thanks Sam. I am providing all the referenced data to the compiler (otherwise it raises error).

So here is the complete picture:

I have a buffer containing following byte stream:

A8 26 80 03 00 FD E8 81 01 0A 82 01 0A 83 01 05 
A4 16 80 01 01 81 03 05 C4 E0 82 0C 03 19 00 44
E9 19 00 40 64 4D 00 A8

I know the structure type of the above buffer. The structure is a sequence whos ASN definition is given below:

Initiate-RequestPDU ::= SEQUENCE                                     --This is carried as a payload of a field having type ANY in the ACSE layer (the field definition is given below)
    {
    localDetailCalling                    [0] IMPLICIT Integer32 OPTIONAL,
    proposedMaxServOutstandingCalling    [1] IMPLICIT Integer16,
    proposedMaxServOutstandingCalled    [2] IMPLICIT Integer16,
    proposedDataStructureNestingLevel    [3] IMPLICIT Integer8 OPTIONAL,
    mmsInitRequestDetail                [4] IMPLICIT InitRequestDetail
    }

EXTERNALt  ::=  [UNIVERSAL 8] IMPLICIT SEQUENCE
     {
      direct-reference  OBJECT IDENTIFIER OPTIONAL,
      indirect-reference  INTEGER OPTIONAL,
      data-value-descriptor  ObjectDescriptor  OPTIONAL,
      encoding  CHOICE
                  {single-ASN1-type  [0] ANY,                                              --This field carries the above structure in itself
                   octet-aligned     [1] IMPLICIT OCTET STRING,
                   arbitrary         [2] IMPLICIT BIT STRING}
     }


The author of asn1c compiler says that the Initiate-RequestPDU should be declared as [8] IMPLICIT SEQUENCE (not just SEQUENCE) in order to be properly decoded, but since I am passing Initiate-RequestPDU to a different decoding function, I need to somehow tell the decoder of the nature of context-specific tag (which I am not sure how I should go about).

Any ideas ?

> Date: Sat, 7 Jan 2012 13:32:11 -0800
> From: vieuxtech@xxxxxxxxx
> To: wireshark-users@xxxxxxxxxxxxx
> Subject: Re: [Wireshark-users] MMS decoding problem
>
> On Fri, Jan 6, 2012 at 7:27 AM, Salman Malik <salmanmk@xxxxxxxx> wrote:
> > I know this is not directly related to wireshark but I expect that most of
> > you will be able to help me on this one. I am using asn1c Compiler to decode
> > MMS protocol (transported over TPKT, COTP,Session, Presentation, ACSE
> > layers). The problem that I am having is the asn1c compiler complains of
> > unexpected tag when I decode the MMS layer packets. I suspect that this is
>
> Which tag, in which message?
>
> Its sounds more like a context dependent tag (tags are just numbers
> defining data types, but there are standard ones, app dependent ones,
> and context dependent ones), nothing to do with context from the
> wrapping protocols. Is it possible you didn't find all the reference
> ASN and feed it to your asn compiler? Maybe you can find an ASN.1
> verifier, that can tell you whether you provided all referenced ASN
> types and definitions?
>
> I've never used an ASN.1 compiler, we always hand encode and decoded
> messages for code space efficiency reasons.
>
> Cheers,
> Sam
> ___________________________________________________________________________
> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe